List Archives

[ActiveDir] Hosts File

rmscheck — Fri, 06 Nov 2009 03:33:45 GMT

Anyone know of any adverse reaction to editing a host file on a domain
controller such that its own IP points to a different name?

Never mind the reason.. I'm still trying to wrap my head around why
an application would require this, but this is what I was told had to
be done..

My dilemma is trying to determine if doing this could cause any
adverse AD/DC behavior... I have already seen it cause oddity on a
DC with DHCP, in the admin console the server name is no longer the
true hostname of the DC but rather of the added name from the hosts
file. Not sure if that's severe, but I'm curious what else could be
broken...

thanks!

RE: [ActiveDir] XP clients caching bad DC IPs unable to log in until rebooted, 2003 and 2008 mixed DCs

jserban — Fri, 06 Nov 2009 01:36:58 GMT

Rich,
I've run multi-homed DCs for a few years where only one NIC was to be
published. I never had to edit the registry as you did in step 1. Steps 2
and 3 need to both be done. When running DNS on a DC, it will register SRV
records for all interfaces bound to the DNS server, even if you uncheck the
setting on the NIC.

See the following article on Domain Controller Stickiness
http://blogs.dirteam.com/blogs/sanderberkouwer/archive/2008/06/24/domain-con
troller-stickiness-prevention.aspx as it discusses domain controller caching
issues. Rather than rebooting a client, I would try to run "nltest
/dsgetdc: /force" to see if this prompts the workstation to find a new DC.

John

After much digging and trial and error, I determined that what was needed
was all three of these:
1) Registry key
HKLM\System\CurrentControlSet\Services\DNS\Parameters\PublishAddresses
- 10.10.10.36 (or 37)
2) Select only that interface for DNS to listen on
3) Uncheck Register this interface address in DNS for all except 10.10.10.x
network.

-----Original Message-----
From: activedir-owner@mail.activedir.org
[mailto:activedir-owner@mail.activedir.org] On Behalf Of Rich Milburn
Sent: Thursday, November 05, 2009 8:11 PM
To: activedir
Subject: [ActiveDir] XP clients caching bad DC IPs unable to log in until
rebooted, 2003 and 2008 mixed DCs

Ok we just slipped our 2008 AD schedule because someone wasn't
comfortable with the test environment results. I'll try to give
enough details so someone can help, without writing a novel a la
joe...

Original State - 2 Server 2003 SP2 DCs, 10 XP SP2 clients, in a lab.
DC01, DC02. Clients point to these two as DNS servers.
Step 1 -
Extended schema, promoted DC03 and DC04, Server 2008 SP2 Enterprise
(x86), same forest, same domain. All DCs running DNS.
DC01 = 10.10.10.36, 2003
DC02 = 10.10.10.37, 2003
DC03 = 10.10.10.56, 2008
DC04 = 10.10.10.57, 2008

Complicating factor: the person who installed and configured the OS
on 2008 servers left Register this interface's address in DNS checked
on all 3 interfaces. Yes, these servers are multi-homed. Yes, I know
that's not recommended. No, I didn't check it before running dcpromo.

Step 2 -
Moved FSMO roles from DC01 to DC03.
Swapped IP addresses so that now:
DC01 = 10.10.10.56, 2003
DC02 = 10.10.10.57, 2003
DC03 = 10.10.10.36, 2008
DC04 = 10.10.10.37, 2008

All clients now point to DC03 and DC04 for DNS. Clients cannot log
in. Swap IPs back, clients can log in. Back again, can't log in.
nslookup domain.name shows
10.10.10.36
192.168.10.112
192.168.85.115
10.10.10.37
192.168.10.114
192.168.85.117

Pinging the domain name 10 times from a client shows 36 once, 37 once,
and the other addresses 8 times.

Note that the 192.168 networks are not routed to the 10.10.10.x nets,
and are unreachable. Clients are on a different subnet (10.10.20.x)

After much digging and trial and error, I determined that what was
needed was all three of these:
1) Registry key
HKLM\System\CurrentControlSet\Services\DNS\Parameters\PublishAddresses
- 10.10.10.36 (or 37)
2) Select only that interface for DNS to listen on
3) Uncheck Register this interface address in DNS for all except
10.10.10.x network.

Now nslookup domain.name shows
10.10.10.36
10.10.10.37

Ok not sure why 56 and 57 are not showing up but at least this is on
the right track.

Tech reboots clients, and now clients can log in.

Step 3 -
demote 2003 DCs.

All seems well. DC01 and DC02 are now member servers.

However, clients that are not rebooted, cannot log in. Hmmm.

Shut down old DCs. Now clients... can still not log in unless they
are rebooted (we kept trying another one to see). Once a client is
rebooted after fixing DNS, it can always log in, no problems. So my
guess is that these clients have cached the bad DNS entry they got,
and the easiest way to clear the cache is a reboot.

So. Production is a mirror, two DCs, added two more a la step one
above. So far so good. I took the precaution to perform fixes 1 and
3 on the new 2008 production servers prior to dcpromo, and fix 2
immediately afterwards. Nslookup shows all 4 DNS addresses, which are
on the right network. It seems that we will not have the DNS problem
with bad DC addresses being handed out and cached. However... some
techs are not convinced that we will not have to reboot every single
client like we did in the lab. And since that would be bad (clients
are ATM machines), they decided to stop the upgrade before we do Step
2 tomorrow, until we have 100% confidence we will not have to reboot
all the ATMs. Sigh.

###### So my first question is: Why didn't these clients fail over to
the next DC in the list? It seems they contacted the first DC address
returned, and gave up.

Ok. Chapter 2.

So I turned on the old lab DC01 and DC02. Ran dcpromo. DC01 blue
screened in the middle of it, and rebooted. Nice. Seems everything
worked except loading the DNS zones, but to be sure, I demoted it,
rebooted, and ran dcpromo again. RDP session dropped again, in the
middle, most likely BSoD. How fun. Yep, 0x000000cc (0x8b54efa0,
0x00000001, 0x8083a197, 0x00000000). I'll be googling that in a
moment.

Oh and seems like DC02 had the same BSoD error. Could these be
related to promoting 2003 DCs into a 2003 mode domain with only 2008
DCs??

Well, any ideas are certainly welcome at this point.

Thanks
Rich (Milburn)

PS and hello again to anyone who remembers me ;-)

[ActiveDir] XP clients caching bad DC IPs unable to log in until rebooted, 2003 and 2008 mixed DCs

richmilburnactivedir — Fri, 06 Nov 2009 01:12:38 GMT

Ok we just slipped our 2008 AD schedule because someone wasn't
comfortable with the test environment results. I'll try to give
enough details so someone can help, without writing a novel a la
joe...

Original State - 2 Server 2003 SP2 DCs, 10 XP SP2 clients, in a lab.
DC01, DC02. Clients point to these two as DNS servers.
Step 1 -
Extended schema, promoted DC03 and DC04, Server 2008 SP2 Enterprise
(x86), same forest, same domain. All DCs running DNS.
DC01 = 10.10.10.36, 2003
DC02 = 10.10.10.37, 2003
DC03 = 10.10.10.56, 2008
DC04 = 10.10.10.57, 2008

Complicating factor: the person who installed and configured the OS
on 2008 servers left Register this interface's address in DNS checked
on all 3 interfaces. Yes, these servers are multi-homed. Yes, I know
that's not recommended. No, I didn't check it before running dcpromo.

Step 2 -
Moved FSMO roles from DC01 to DC03.
Swapped IP addresses so that now:
DC01 = 10.10.10.56, 2003
DC02 = 10.10.10.57, 2003
DC03 = 10.10.10.36, 2008
DC04 = 10.10.10.37, 2008

All clients now point to DC03 and DC04 for DNS. Clients cannot log
in. Swap IPs back, clients can log in. Back again, can't log in.
nslookup domain.name shows
10.10.10.36
192.168.10.112
192.168.85.115
10.10.10.37
192.168.10.114
192.168.85.117

Pinging the domain name 10 times from a client shows 36 once, 37 once,
and the other addresses 8 times.

Note that the 192.168 networks are not routed to the 10.10.10.x nets,
and are unreachable. Clients are on a different subnet (10.10.20.x)

After much digging and trial and error, I determined that what was
needed was all three of these:
1) Registry key
HKLM\System\CurrentControlSet\Services\DNS\Parameters\PublishAddresses
- 10.10.10.36 (or 37)
2) Select only that interface for DNS to listen on
3) Uncheck Register this interface address in DNS for all except
10.10.10.x network.

Now nslookup domain.name shows
10.10.10.36
10.10.10.37

Ok not sure why 56 and 57 are not showing up but at least this is on
the right track.

Tech reboots clients, and now clients can log in.

Step 3 -
demote 2003 DCs.

All seems well. DC01 and DC02 are now member servers.

However, clients that are not rebooted, cannot log in. Hmmm.

Shut down old DCs. Now clients... can still not log in unless they
are rebooted (we kept trying another one to see). Once a client is
rebooted after fixing DNS, it can always log in, no problems. So my
guess is that these clients have cached the bad DNS entry they got,
and the easiest way to clear the cache is a reboot.

So. Production is a mirror, two DCs, added two more a la step one
above. So far so good. I took the precaution to perform fixes 1 and
3 on the new 2008 production servers prior to dcpromo, and fix 2
immediately afterwards. Nslookup shows all 4 DNS addresses, which are
on the right network. It seems that we will not have the DNS problem
with bad DC addresses being handed out and cached. However... some
techs are not convinced that we will not have to reboot every single
client like we did in the lab. And since that would be bad (clients
are ATM machines), they decided to stop the upgrade before we do Step
2 tomorrow, until we have 100% confidence we will not have to reboot
all the ATMs. Sigh.

###### So my first question is: Why didn't these clients fail over to
the next DC in the list? It seems they contacted the first DC address
returned, and gave up.

Ok. Chapter 2.

So I turned on the old lab DC01 and DC02. Ran dcpromo. DC01 blue
screened in the middle of it, and rebooted. Nice. Seems everything
worked except loading the DNS zones, but to be sure, I demoted it,
rebooted, and ran dcpromo again. RDP session dropped again, in the
middle, most likely BSoD. How fun. Yep, 0x000000cc (0x8b54efa0,
0x00000001, 0x8083a197, 0x00000000). I'll be googling that in a
moment.

Oh and seems like DC02 had the same BSoD error. Could these be
related to promoting 2003 DCs into a 2003 mode domain with only 2008
DCs??

Well, any ideas are certainly welcome at this point.

Thanks
Rich (Milburn)

PS and hello again to anyone who remembers me ;-)

RE: [ActiveDir] [OT] Do you upgrade firmware or drivers on servers

robertsingers — Fri, 06 Nov 2009 01:02:29 GMT

Does certain equal Dell or all hardware vendors.

-----Original Message-----
From: activedir-owner@mail.activedir.org [mailto:activedir-owner@mail.activedir.org] On Behalf Of Adam Thompson
Sent: Friday, 6 November 2009 1:57 p.m.
To: activedir@mail.activedir.org
Subject: Re: [ActiveDir] [OT] Do you upgrade firmware or drivers on servers

2009/11/5 Susan Bradley <susan@sbslinks.com>:
> I sign up for the HP alerts and decide whether or not to upgrade.
>

I find that certain Hardware Providers seem to just suggest that you
update the drivers and firmware as a first course of action for any
problem.
This can get a little frustrating when you have five servers
exhibiting the same bugcheck codes on frequent STOP errors and the
crashdump analysis points to the same driver for each one - and yet
Hardware Provider are unable to tell you why they think a driver
update will solve the issue, as there's no known issue matching the
issues with the servers. Nevertheless, they will refuse to progress
the case any further unless you upgrade all the drivers and firmware
first. This can take a while to get through change control.

> FYI on the 2k8 era nics as well:
>
> Did you know that Dell doesn't recommend that you update the broadcom
> drivers from the inplace driver update (control panel, device manager)? If
> you do you run the risk of corrupting the driver?
>

I've been asked to do remote hands for one of our colo customers a
couple of times when this has happened. Quite why they can't use the
DRAC is beyond me.

--
AdamT

#############################################################################################
This e-mail message has been scanned for Viruses and cleared by NetIQ MailMarshal.
##############################################################################################
############################################################
PLEASE NOTE:

The information contained in this email message and any
attached files may be confidential and subject to privilege.
Any opinions expressed in this message are not necessarily
those of the Department of Building and Housing. All technical
opinions are offered on a ?no-liability? basis. This message
and any files transmitted with it are confidential and solely
for the use of the intended recipient. If you are not the
intended recipient, you are notified that any use, disclosure
or copying of this email is unauthorised. If you have received
this email in error, please notify us immediately by reply email
and delete the original and any attachment(s). Thank you.
############################################################

Re: [ActiveDir] [OT] Do you upgrade firmware or drivers on servers

adwulf — Fri, 06 Nov 2009 00:58:17 GMT

2009/11/5 Susan Bradley <susan@sbslinks.com>:
> I sign up for the HP alerts and decide whether or not to upgrade.
>

I find that certain Hardware Providers seem to just suggest that you
update the drivers and firmware as a first course of action for any
problem.
This can get a little frustrating when you have five servers
exhibiting the same bugcheck codes on frequent STOP errors and the
crashdump analysis points to the same driver for each one - and yet
Hardware Provider are unable to tell you why they think a driver
update will solve the issue, as there's no known issue matching the
issues with the servers. Nevertheless, they will refuse to progress
the case any further unless you upgrade all the drivers and firmware
first. This can take a while to get through change control.

> FYI on the 2k8 era nics as well:
>
> Did you know that Dell doesn't recommend that you update the broadcom
> drivers from the inplace driver update (control panel, device manager)? If
> you do you run the risk of corrupting the driver?
>

I've been asked to do remote hands for one of our colo customers a
couple of times when this has happened. Quite why they can't use the
DRAC is beyond me.

--
AdamT

RE: [ActiveDir] [OT] Do you upgrade firmware or drivers on servers

weemat2 — Thu, 05 Nov 2009 22:06:47 GMT

I'd like to comment on the "if it aint broke, dont fix it" bit.

I recently was involved at a customer that had accidentally deleted an OU containing all users of Org. They tried to do a non-auth restore of OU to recover. Recovery worked but wouldnt replicate out as destination servers hung badly. An analysis to later revealed issues with storage driver. General day to day trickling of updates was fine. But mass changes caused box to hang. Hence the relevance to the "if it aint broke dont fix it". Do you know if your environment aint broke?

As a result customer had to update

1. storage controller driver

2. storage controller firmware

3. Disk firmware

4. storport.sys

This was a very stressful and painful process to recover from. I suggest following ITL/MOF best practices for release management and ensuring you keep those drivers and firmware up to date across the estate. Various hardware vendors offer means for deploying these updates from central locations and apparently to schedule things as well. I have no experience with any of these facilities myself. Other list denizens may pipe up....hopefully.

> Date: Thu, 5 Nov 2009 20:24:11 +0000
> Subject: [ActiveDir] [OT] Do you upgrade firmware or drivers on servers
> From: martiniscool@gmail.com
> To: activedir@mail.activedir.org
>
> Hi All
>
> Sorry for so many OT posts this week. I'm sure my question above will
> divide the camp, but I'm keen to find out what other companies are
> doing.
>
> We've had a few server issues recently which we've opened cases for
> with the manufacturer. In alot of the cases, we've been asked to
> upgrade the firmware as the first action. Generally, we don't upgrade
> firmware or drivers on servers, not just because of the downtime, but
> also because when it comes to firmware, our general motto is if it
> ain't broke, don't fix it. Also of course, upgrading drivers
> (expecially NIC drivers) can sometimes (IMHO) just open up a big can
> of worms and cause problems that you didn't even have in the first
> place.
>
> Anyway, I'm be curious to hear what other companies are doing. I'm
> also curious if you have any particular centralized apps (ala-WSUS)
> for doing this task, or if you just manually download them from the
> various manufacturers websites.
>
> Thanks in advance for any feedback
> M
>

_________________________________________________________________
New Windows 7: Find the right PC for you. Learn more.
http://www.microsoft.com/uk/windows/buy/

Re: [ActiveDir] [OT] Do you upgrade firmware or drivers on servers

Bitzie — Thu, 05 Nov 2009 21:58:38 GMT

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta content="text/html;charset=ISO-8859-1" http-equiv="Content-Type">
</head>
<body bgcolor="#ffffff" text="#000000">
I sign up for the HP alerts and decide whether or not to upgrade.

In some cases [evil broadcom nics] we needed to upgrade nic drivers
[evil broadcom nics] and ensure they were newish when that lovely
Win2k3 sp2 [evil broadcom nics] came out that enabled the delightful
enhanced networking stuff [evil broadcom nics] so we could disable the
equally delightful RSS and TOE [evil broadcom nics] on our servers .

I do them when I build the server, I may do them afterwards. I never
ever ever ever use WSUS for installing drivers. Only from the
manufacturer, never from WSUS. Burned too many times in the past.

FYI on the 2k8 era nics as well:

Did you know that Dell doesn't recommend that you update the
broadcom drivers from the inplace driver update (control panel, device
manager)? If you do you run the risk of corrupting the driver?
"A quick recap:

Enable both nics (write down the IP addresses). Uninstall the previous
ver. Of Bcom suite. Reboot install the new Bcom suite you downloaded.
Reboot put in the static IP and disable 2nd nic. Reboot have a cleint
reboot and log in.

Before the client system reboots make sure the server is up.

(if you have layer 3 or 4 switches or routers it takes 90 sec each for
the arp cache to renew)"

The Official SBS Blog : Device Manager may seem to hang while
uninstalling a NIC:

<a class="moz-txt-link-freetext" href="http://blogs.technet.com/sbs/archive/2009/09/01/device-manager-may-seem-to-hang-while-uninstalling-a-nic.aspx">http://blogs.technet.com/sbs/archive/2009/09/01/device-manager-may-seem-to-hang-while-uninstalling-a-nic.aspx</a>

Now I REALLY HATE broadcom nics - THE OFFICIAL BLOG OF THE SBS "DIVA":

<a class="moz-txt-link-freetext" href="http://msmvps.com/blogs/bradley/archive/2009/10/21/now-i-really-hate-broadcom-nics.aspx">http://msmvps.com/blogs/bradley/archive/2009/10/21/now-i-really-hate-broadcom-nics.aspx</a>

Robert Singers wrote:
<blockquote
cite="mid3FCB078BFCAAA47BAA254FB49168927471A61C073@MAIL.Network.local"
type="cite">
<pre wrap="">I like to update server firmware by hand - as it were. But that's just because I'm old enough to have done a lot of work on EISA machines.

And on your point about not upgrading firmware. If a machine runs much better with a new firmware, don't you think it might just have been broken in the first place. It's like prostate, breast, and cervical cancer - unless you're proactively checking you might just find one day that you're about to die.

-----Original Message-----
From: <a class="moz-txt-link-abbreviated" href="mailto:activedir-owner@mail.activedir.org">activedir-owner@mail.activedir.org</a> [<a class="moz-txt-link-freetext" href="mailto:activedir-owner@mail.activedir.org">mailto:activedir-owner@mail.activedir.org</a>] On Behalf Of martin
Sent: Friday, 6 November 2009 9:24 a.m.
To: <a class="moz-txt-link-abbreviated" href="mailto:activedir@mail.activedir.org">activedir@mail.activedir.org</a>
Subject: [ActiveDir] [OT] Do you upgrade firmware or drivers on servers

Hi All

Sorry for so many OT posts this week. I'm sure my question above will
divide the camp, but I'm keen to find out what other companies are
doing.

We've had a few server issues recently which we've opened cases for
with the manufacturer. In alot of the cases, we've been asked to
upgrade the firmware as the first action. Generally, we don't upgrade
firmware or drivers on servers, not just because of the downtime, but
also because when it comes to firmware, our general motto is if it
ain't broke, don't fix it. Also of course, upgrading drivers
(expecially NIC drivers) can sometimes (IMHO) just open up a big can
of worms and cause problems that you didn't even have in the first
place.

Anyway, I'm be curious to hear what other companies are doing. I'm
also curious if you have any particular centralized apps (ala-WSUS)
for doing this task, or if you just manually download them from the
various manufacturers websites.

Thanks in advance for any feedback
M

#############################################################################################
This e-mail message has been scanned for Viruses and cleared by NetIQ MailMarshal.
##############################################################################################
############################################################
PLEASE NOTE:

The information contained in this email message and any
attached files may be confidential and subject to privilege.
Any opinions expressed in this message are not necessarily
those of the Department of Building and Housing. All technical
opinions are offered on a ‘no-liability’ basis. This message
and any files transmitted with it are confidential and solely
for the use of the intended recipient. If you are not the
intended recipient, you are notified that any use, disclosure
or copying of this email is unauthorised. If you have received
this email in error, please notify us immediately by reply email
and delete the original and any attachment(s). Thank you.
############################################################

</pre>
</blockquote>
</body>
</html>

Re: [ActiveDir] [OT] Do you upgrade firmware or drivers on servers

cmuncy — Thu, 05 Nov 2009 21:54:33 GMT

I usually take a long holiday to update firmware in my servers and
switches. That way if the shtf you have time. But always have a fall back
plan.

Chris

On Thu, Nov 5, 2009 at 3:38 PM, Robert Singers
<Robert.Singers@dbh.govt.nz>wrote:

> I like to update server firmware by hand - as it were. But that's just
> because I'm old enough to have done a lot of work on EISA machines.
>
> And on your point about not upgrading firmware. If a machine runs much
> better with a new firmware, don't you think it might just have been broken
> in the first place. It's like prostate, breast, and cervical cancer -
> unless you're proactively checking you might just find one day that you're
> about to die.
>
>
> -----Original Message-----
> From: activedir-owner@mail.activedir.org [mailto:
> activedir-owner@mail.activedir.org] On Behalf Of martin
> Sent: Friday, 6 November 2009 9:24 a.m.
> To: activedir@mail.activedir.org
> Subject: [ActiveDir] [OT] Do you upgrade firmware or drivers on servers
>
> Hi All
>
> Sorry for so many OT posts this week. I'm sure my question above will
> divide the camp, but I'm keen to find out what other companies are
> doing.
>
> We've had a few server issues recently which we've opened cases for
> with the manufacturer. In alot of the cases, we've been asked to
> upgrade the firmware as the first action. Generally, we don't upgrade
> firmware or drivers on servers, not just because of the downtime, but
> also because when it comes to firmware, our general motto is if it
> ain't broke, don't fix it. Also of course, upgrading drivers
> (expecially NIC drivers) can sometimes (IMHO) just open up a big can
> of worms and cause problems that you didn't even have in the first
> place.
>
> Anyway, I'm be curious to hear what other companies are doing. I'm
> also curious if you have any particular centralized apps (ala-WSUS)
> for doing this task, or if you just manually download them from the
> various manufacturers websites.
>
> Thanks in advance for any feedback
> M
>
>
>
> #############################################################################################
> This e-mail message has been scanned for Viruses and cleared by NetIQ
> MailMarshal.
>
> ##############################################################################################
> ############################################################
> PLEASE NOTE:
>
> The information contained in this email message and any
> attached files may be confidential and subject to privilege.
> Any opinions expressed in this message are not necessarily
> those of the Department of Building and Housing. All technical
> opinions are offered on a ‘no-liability’ basis. This message
> and any files transmitted with it are confidential and solely
> for the use of the intended recipient. If you are not the
> intended recipient, you are notified that any use, disclosure
> or copying of this email is unauthorised. If you have received
> this email in error, please notify us immediately by reply email
> and delete the original and any attachment(s). Thank you.
> ############################################################
>
>

RE: [ActiveDir] [OT] Do you upgrade firmware or drivers on servers

robertsingers — Thu, 05 Nov 2009 21:40:17 GMT

I like to update server firmware by hand - as it were. But that's just because I'm old enough to have done a lot of work on EISA machines.

And on your point about not upgrading firmware. If a machine runs much better with a new firmware, don't you think it might just have been broken in the first place. It's like prostate, breast, and cervical cancer - unless you're proactively checking you might just find one day that you're about to die.

-----Original Message-----
From: activedir-owner@mail.activedir.org [mailto:activedir-owner@mail.activedir.org] On Behalf Of martin
Sent: Friday, 6 November 2009 9:24 a.m.
To: activedir@mail.activedir.org
Subject: [ActiveDir] [OT] Do you upgrade firmware or drivers on servers

Hi All

Sorry for so many OT posts this week. I'm sure my question above will
divide the camp, but I'm keen to find out what other companies are
doing.

We've had a few server issues recently which we've opened cases for
with the manufacturer. In alot of the cases, we've been asked to
upgrade the firmware as the first action. Generally, we don't upgrade
firmware or drivers on servers, not just because of the downtime, but
also because when it comes to firmware, our general motto is if it
ain't broke, don't fix it. Also of course, upgrading drivers
(expecially NIC drivers) can sometimes (IMHO) just open up a big can
of worms and cause problems that you didn't even have in the first
place.

Anyway, I'm be curious to hear what other companies are doing. I'm
also curious if you have any particular centralized apps (ala-WSUS)
for doing this task, or if you just manually download them from the
various manufacturers websites.

Thanks in advance for any feedback
M

#############################################################################################
This e-mail message has been scanned for Viruses and cleared by NetIQ MailMarshal.
##############################################################################################
############################################################
PLEASE NOTE:

The information contained in this email message and any
attached files may be confidential and subject to privilege.
Any opinions expressed in this message are not necessarily
those of the Department of Building and Housing. All technical
opinions are offered on a ?no-liability? basis. This message
and any files transmitted with it are confidential and solely
for the use of the intended recipient. If you are not the
intended recipient, you are notified that any use, disclosure
or copying of this email is unauthorised. If you have received
this email in error, please notify us immediately by reply email
and delete the original and any attachment(s). Thank you.
############################################################

[ActiveDir] [OT] 08 R2 & Exchange 07 loophole?

albertduro — Thu, 05 Nov 2009 20:16:37 GMT

OK, so you can't put Exchange 07 on Server 08 R2, but can you install Exchange 07 onto a virtual Server 03 hosted on 08 R2?